@towns-protocol/encryption 0.0.191

package/LICENSE.txt

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 River Association
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,3 @@
+# Group Encryption protocol
+
+Documentation here: <https://docs.towns.com/build/towns-encryption>

package/dist/base.d.ts

@@ -0,0 +1,64 @@
+import { GroupEncryptionAlgorithmId, GroupEncryptionSession, UserDeviceCollection } from './olmLib';
+import { EncryptionDevice } from './encryptionDevice';
+import { EncryptedData } from '@towns-protocol/proto';
+export interface IGroupEncryptionClient {
+    downloadUserDeviceInfo(userIds: string[], forceDownload: boolean): Promise<UserDeviceCollection>;
+    encryptAndShareGroupSessions(streamId: string, sessions: GroupEncryptionSession[], devicesInRoom: UserDeviceCollection, algorithm: GroupEncryptionAlgorithmId): Promise<void>;
+    getDevicesInStream(streamId: string): Promise<UserDeviceCollection>;
+    getMiniblockInfo(streamId: string): Promise<{
+        miniblockNum: bigint;
+        miniblockHash: Uint8Array;
+    }>;
+}
+export interface IDecryptionParams {
+    /** olm.js wrapper */
+    device: EncryptionDevice;
+}
+export interface IEncryptionParams {
+    client: IGroupEncryptionClient;
+    /** olm.js wrapper */
+    device: EncryptionDevice;
+}
+/**
+ * base type for encryption implementations
+ */
+export declare abstract class EncryptionAlgorithm implements IEncryptionParams {
+    readonly device: EncryptionDevice;
+    readonly client: IGroupEncryptionClient;
+    /**
+     * @param params - parameters
+     */
+    constructor(params: IEncryptionParams);
+    abstract ensureOutboundSession(streamId: string, opts?: {
+        awaitInitialShareSession: boolean;
+    }): Promise<void>;
+    abstract encrypt_deprecated_v0(streamId: string, payload: string): Promise<EncryptedData>;
+    abstract encrypt(streamId: string, payload: Uint8Array): Promise<EncryptedData>;
+}
+/**
+ * base type for decryption implementations
+ */
+export declare abstract class DecryptionAlgorithm implements IDecryptionParams {
+    readonly device: EncryptionDevice;
+    constructor(params: IDecryptionParams);
+    abstract decrypt(streamId: string, content: EncryptedData): Promise<Uint8Array | string>;
+    abstract importStreamKey(streamId: string, session: GroupEncryptionSession): Promise<void>;
+    abstract exportGroupSession(streamId: string, sessionId: string): Promise<GroupEncryptionSession | undefined>;
+    abstract exportGroupSessions(): Promise<GroupEncryptionSession[]>;
+    abstract exportGroupSessionIds(streamId: string): Promise<string[]>;
+    abstract hasSessionKey(streamId: string, sessionId: string): Promise<boolean>;
+}
+/**
+ * Exception thrown when decryption fails
+ *
+ * @param msg - user-visible message describing the problem
+ *
+ * @param details - key/value pairs reported in the logs but not shown
+ *   to the user.
+ */
+export declare class DecryptionError extends Error {
+    readonly code: string;
+    constructor(code: string, msg: string);
+}
+export declare function isDecryptionError(e: Error): e is DecryptionError;
+//# sourceMappingURL=base.d.ts.map

package/dist/base.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../src/base.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,0BAA0B,EAAE,sBAAsB,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAA;AAEnG,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAErD,MAAM,WAAW,sBAAsB;IACnC,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,aAAa,EAAE,OAAO,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IAChG,4BAA4B,CACxB,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,sBAAsB,EAAE,EAClC,aAAa,EAAE,oBAAoB,EACnC,SAAS,EAAE,0BAA0B,GACtC,OAAO,CAAC,IAAI,CAAC,CAAA;IAChB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAA;IACnE,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,UAAU,CAAA;KAAE,CAAC,CAAA;CACnG;AAED,MAAM,WAAW,iBAAiB;IAC9B,qBAAqB;IACrB,MAAM,EAAE,gBAAgB,CAAA;CAC3B;AAED,MAAM,WAAW,iBAAiB;IAC9B,MAAM,EAAE,sBAAsB,CAAA;IAC9B,qBAAqB;IACrB,MAAM,EAAE,gBAAgB,CAAA;CAC3B;AAED;;GAEG;AACH,8BAAsB,mBAAoB,YAAW,iBAAiB;IAClE,SAAgB,MAAM,EAAE,gBAAgB,CAAA;IACxC,SAAgB,MAAM,EAAE,sBAAsB,CAAA;IAE9C;;OAEG;gBACgB,MAAM,EAAE,iBAAiB;IAK5C,QAAQ,CAAC,qBAAqB,CAC1B,QAAQ,EAAE,MAAM,EAChB,IAAI,CAAC,EAAE;QAAE,wBAAwB,EAAE,OAAO,CAAA;KAAE,GAC7C,OAAO,CAAC,IAAI,CAAC;IAEhB,QAAQ,CAAC,qBAAqB,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IACzF,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,GAAG,OAAO,CAAC,aAAa,CAAC;CAClF;AAED;;GAEG;AACH,8BAAsB,mBAAoB,YAAW,iBAAiB;IAClE,SAAgB,MAAM,EAAE,gBAAgB,CAAA;gBAErB,MAAM,EAAE,iBAAiB;IAI5C,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,UAAU,GAAG,MAAM,CAAC;IAExF,QAAQ,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,IAAI,CAAC;IAE1F,QAAQ,CAAC,kBAAkB,CACvB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAClB,OAAO,CAAC,sBAAsB,GAAG,SAAS,CAAC;IAE9C,QAAQ,CAAC,mBAAmB,IAAI,OAAO,CAAC,sBAAsB,EAAE,CAAC;IACjE,QAAQ,CAAC,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IACnE,QAAQ,CAAC,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAChF;AAED;;;;;;;GAOG;AACH,qBAAa,eAAgB,SAAQ,KAAK;aACH,IAAI,EAAE,MAAM;gBAAZ,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM;CAK/D;AAED,wBAAgB,iBAAiB,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,IAAI,eAAe,CAEhE"}

package/dist/base.js

@@ -0,0 +1,44 @@
+/**
+ * base type for encryption implementations
+ */
+export class EncryptionAlgorithm {
+    device;
+    client;
+    /**
+     * @param params - parameters
+     */
+    constructor(params) {
+        this.device = params.device;
+        this.client = params.client;
+    }
+}
+/**
+ * base type for decryption implementations
+ */
+export class DecryptionAlgorithm {
+    device;
+    constructor(params) {
+        this.device = params.device;
+    }
+}
+/**
+ * Exception thrown when decryption fails
+ *
+ * @param msg - user-visible message describing the problem
+ *
+ * @param details - key/value pairs reported in the logs but not shown
+ *   to the user.
+ */
+export class DecryptionError extends Error {
+    code;
+    constructor(code, msg) {
+        super(msg);
+        this.code = code;
+        this.code = code;
+        this.name = 'DecryptionError';
+    }
+}
+export function isDecryptionError(e) {
+    return e.name === 'DecryptionError';
+}
+//# sourceMappingURL=base.js.map

package/dist/base.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.js","sourceRoot":"","sources":["../src/base.ts"],"names":[],"mappings":"AA4BA;;GAEG;AACH,MAAM,OAAgB,mBAAmB;IACrB,MAAM,CAAkB;IACxB,MAAM,CAAwB;IAE9C;;OAEG;IACH,YAAmB,MAAyB;QACxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;QAC3B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;IAC/B,CAAC;CASJ;AAED;;GAEG;AACH,MAAM,OAAgB,mBAAmB;IACrB,MAAM,CAAkB;IAExC,YAAmB,MAAyB;QACxC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAA;IAC/B,CAAC;CAcJ;AAED;;;;;;;GAOG;AACH,MAAM,OAAO,eAAgB,SAAQ,KAAK;IACH;IAAnC,YAAmC,IAAY,EAAE,GAAW;QACxD,KAAK,CAAC,GAAG,CAAC,CAAA;QADqB,SAAI,GAAJ,IAAI,CAAQ;QAE3C,IAAI,CAAC,IAAI,GAAG,IAAI,CAAA;QAChB,IAAI,CAAC,IAAI,GAAG,iBAAiB,CAAA;IACjC,CAAC;CACJ;AAED,MAAM,UAAU,iBAAiB,CAAC,CAAQ;IACtC,OAAO,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAA;AACvC,CAAC"}

package/dist/cryptoAesGcm.d.ts

@@ -0,0 +1,9 @@
+export declare function generateNewAesGcmKey(): Promise<CryptoKey>;
+export declare function exportAesGsmKeyBytes(key: CryptoKey): Promise<Uint8Array>;
+export declare function importAesGsmKeyBytes(key: Uint8Array): Promise<CryptoKey>;
+export declare function encryptAesGcm(key: CryptoKey, data: Uint8Array): Promise<{
+    ciphertext: Uint8Array;
+    iv: Uint8Array;
+}>;
+export declare function decryptAesGcm(key: CryptoKey, ciphertext: Uint8Array, iv: Uint8Array): Promise<Uint8Array>;
+//# sourceMappingURL=cryptoAesGcm.d.ts.map

package/dist/cryptoAesGcm.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptoAesGcm.d.ts","sourceRoot":"","sources":["../src/cryptoAesGcm.ts"],"names":[],"mappings":"AAAA,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,SAAS,CAAC,CAE/D;AAED,wBAAsB,oBAAoB,CAAC,GAAG,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAG9E;AAED,wBAAsB,oBAAoB,CAAC,GAAG,EAAE,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAE9E;AAED,wBAAsB,aAAa,CAC/B,GAAG,EAAE,SAAS,EACd,IAAI,EAAE,UAAU,GACjB,OAAO,CAAC;IAAE,UAAU,EAAE,UAAU,CAAC;IAAC,EAAE,EAAE,UAAU,CAAA;CAAE,CAAC,CAYrD;AAED,wBAAsB,aAAa,CAC/B,GAAG,EAAE,SAAS,EACd,UAAU,EAAE,UAAU,EACtB,EAAE,EAAE,UAAU,GACf,OAAO,CAAC,UAAU,CAAC,CAarB"}

package/dist/cryptoAesGcm.js

@@ -0,0 +1,30 @@
+export async function generateNewAesGcmKey() {
+    return crypto.subtle.generateKey({ name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt']);
+}
+export async function exportAesGsmKeyBytes(key) {
+    const exportedKey = await crypto.subtle.exportKey('raw', key);
+    return new Uint8Array(exportedKey);
+}
+export async function importAesGsmKeyBytes(key) {
+    return crypto.subtle.importKey('raw', key, 'AES-GCM', true, ['encrypt', 'decrypt']);
+}
+export async function encryptAesGcm(key, data) {
+    // If data is empty, it's obvious what the message is from the result length.
+    if (data.length === 0) {
+        throw new Error('Data to encrypt cannot be empty');
+    }
+    const iv = crypto.getRandomValues(new Uint8Array(12));
+    const encrypted = await crypto.subtle.encrypt({ name: 'AES-GCM', iv, tagLength: 128 }, key, data);
+    return { ciphertext: new Uint8Array(encrypted), iv };
+}
+export async function decryptAesGcm(key, ciphertext, iv) {
+    if (iv.length !== 12) {
+        throw new Error('IV must be 12 bytes');
+    }
+    if (ciphertext.length < 17) {
+        throw new Error('Ciphertext can not be this short');
+    }
+    const decrypted = await crypto.subtle.decrypt({ name: 'AES-GCM', iv, tagLength: 128 }, key, ciphertext);
+    return new Uint8Array(decrypted);
+}
+//# sourceMappingURL=cryptoAesGcm.js.map

package/dist/cryptoAesGcm.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptoAesGcm.js","sourceRoot":"","sources":["../src/cryptoAesGcm.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACtC,OAAO,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;AACpG,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAc;IACrD,MAAM,WAAW,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IAC7D,OAAO,IAAI,UAAU,CAAC,WAAW,CAAC,CAAA;AACtC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,GAAe;IACtD,OAAO,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;AACvF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAC/B,GAAc,EACd,IAAgB;IAEhB,6EAA6E;IAC7E,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,iCAAiC,CAAC,CAAA;IACtD,CAAC;IACD,MAAM,EAAE,GAAG,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,EAAE,CAAC,CAAC,CAAA;IACrD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACzC,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,EACvC,GAAG,EACH,IAAI,CACP,CAAA;IACD,OAAO,EAAE,UAAU,EAAE,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,CAAA;AACxD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAC/B,GAAc,EACd,UAAsB,EACtB,EAAc;IAEd,IAAI,EAAE,CAAC,MAAM,KAAK,EAAE,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAA;IAC1C,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACzB,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAA;IACvD,CAAC;IACD,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,OAAO,CACzC,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,EACvC,GAAG,EACH,UAAU,CACb,CAAA;IACD,OAAO,IAAI,UAAU,CAAC,SAAS,CAAC,CAAA;AACpC,CAAC"}

package/dist/cryptoStore.d.ts

@@ -0,0 +1,52 @@
+import { AccountRecord, ExtendedInboundGroupSessionData, GroupSessionRecord, HybridGroupSessionRecord, UserDeviceRecord } from './storeTypes';
+import Dexie, { Table } from 'dexie';
+import { InboundGroupSessionData } from './encryptionDevice';
+import { UserDevice } from './olmLib';
+export declare class CryptoStore extends Dexie {
+    account: Table<AccountRecord>;
+    outboundGroupSessions: Table<GroupSessionRecord>;
+    inboundGroupSessions: Table<ExtendedInboundGroupSessionData>;
+    hybridGroupSessions: Table<HybridGroupSessionRecord>;
+    devices: Table<UserDeviceRecord>;
+    userId: string;
+    constructor(databaseName: string, userId: string);
+    initialize(): Promise<void>;
+    deleteAllData(): void;
+    deleteInboundGroupSessions(streamId: string, sessionId: string): Promise<void>;
+    deleteAccount(userId: string): Promise<void>;
+    getAccount(): Promise<string>;
+    storeAccount(accountPickle: string): Promise<void>;
+    storeEndToEndOutboundGroupSession(sessionId: string, sessionData: string, streamId: string): Promise<void>;
+    getEndToEndOutboundGroupSession(streamId: string): Promise<string>;
+    getAllEndToEndOutboundGroupSessions(): Promise<GroupSessionRecord[]>;
+    getEndToEndInboundGroupSession(streamId: string, sessionId: string): Promise<InboundGroupSessionData | undefined>;
+    getHybridGroupSession(streamId: string, sessionId: string): Promise<HybridGroupSessionRecord | undefined>;
+    getHybridGroupSessionsForStream(streamId: string): Promise<HybridGroupSessionRecord[]>;
+    getAllEndToEndInboundGroupSessions(): Promise<ExtendedInboundGroupSessionData[]>;
+    getAllHybridGroupSessions(): Promise<HybridGroupSessionRecord[]>;
+    storeEndToEndInboundGroupSession(streamId: string, sessionId: string, sessionData: InboundGroupSessionData): Promise<void>;
+    storeHybridGroupSession(sessionData: HybridGroupSessionRecord): Promise<void>;
+    getInboundGroupSessionIds(streamId: string): Promise<string[]>;
+    getHybridGroupSessionIds(streamId: string): Promise<string[]>;
+    withAccountTx<T>(fn: () => Promise<T>): Promise<T>;
+    withGroupSessions<T>(fn: () => Promise<T>): Promise<T>;
+    /**
+     * Only used for testing
+     * @returns total number of devices in the store
+     */
+    deviceRecordCount(): Promise<number>;
+    /**
+     * Store a list of devices for a given userId
+     * @param userId string
+     * @param devices UserDeviceInfo[]
+     * @param expirationMs Expiration time in milliseconds
+     */
+    saveUserDevices(userId: string, devices: UserDevice[], expirationMs?: number): Promise<void>;
+    /**
+     * Get all stored devices for a given userId
+     * @param userId string
+     * @returns UserDevice[], a list of devices
+     */
+    getUserDevices(userId: string): Promise<UserDevice[]>;
+}
+//# sourceMappingURL=cryptoStore.d.ts.map

package/dist/cryptoStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptoStore.d.ts","sourceRoot":"","sources":["../src/cryptoStore.ts"],"names":[],"mappings":"AAAA,OAAO,EACH,aAAa,EACb,+BAA+B,EAC/B,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EACnB,MAAM,cAAc,CAAA;AACrB,OAAO,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,OAAO,CAAA;AAEpC,OAAO,EAAE,uBAAuB,EAAE,MAAM,oBAAoB,CAAA;AAC5D,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAA;AAMrC,qBAAa,WAAY,SAAQ,KAAK;IAClC,OAAO,EAAG,KAAK,CAAC,aAAa,CAAC,CAAA;IAC9B,qBAAqB,EAAG,KAAK,CAAC,kBAAkB,CAAC,CAAA;IACjD,oBAAoB,EAAG,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAC7D,mBAAmB,EAAG,KAAK,CAAC,wBAAwB,CAAC,CAAA;IACrD,OAAO,EAAG,KAAK,CAAC,gBAAgB,CAAC,CAAA;IACjC,MAAM,EAAE,MAAM,CAAA;gBAEF,YAAY,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAY1C,UAAU;IAIhB,aAAa;IAIP,0BAA0B,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI9E,aAAa,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAI5C,UAAU,IAAI,OAAO,CAAC,MAAM,CAAC;IAQ7B,YAAY,CAAC,aAAa,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAIlD,iCAAiC,CACnC,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,IAAI,CAAC;IAIV,+BAA+B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAQlE,mCAAmC,IAAI,OAAO,CAAC,kBAAkB,EAAE,CAAC;IAIpE,8BAA8B,CAChC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAClB,OAAO,CAAC,uBAAuB,GAAG,SAAS,CAAC;IAIzC,qBAAqB,CACvB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAClB,OAAO,CAAC,wBAAwB,GAAG,SAAS,CAAC;IAI1C,+BAA+B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAKtF,kCAAkC,IAAI,OAAO,CAAC,+BAA+B,EAAE,CAAC;IAIhF,yBAAyB,IAAI,OAAO,CAAC,wBAAwB,EAAE,CAAC;IAIhE,gCAAgC,CAClC,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,uBAAuB,GACrC,OAAO,CAAC,IAAI,CAAC;IAIV,uBAAuB,CAAC,WAAW,EAAE,wBAAwB,GAAG,OAAO,CAAC,IAAI,CAAC;IAI7E,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAK9D,wBAAwB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAK7D,aAAa,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAIlD,iBAAiB,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAU5D;;;OAGG;IACG,iBAAiB;IAIvB;;;;;OAKG;IACG,eAAe,CACjB,MAAM,EAAE,MAAM,EACd,OAAO,EAAE,UAAU,EAAE,EACrB,YAAY,GAAE,MAA+C;IAQjE;;;;OAIG;IACG,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;CAa9D"}

package/dist/cryptoStore.js

@@ -0,0 +1,131 @@
+import Dexie from 'dexie';
+// TODO: Increase this time to 10 days or something.
+// Its 15 min right now so we can catch any issues with the expiration time.
+const DEFAULT_USER_DEVICE_EXPIRATION_TIME_MS = 15 * 60 * 1000;
+export class CryptoStore extends Dexie {
+    account;
+    outboundGroupSessions;
+    inboundGroupSessions;
+    hybridGroupSessions;
+    devices;
+    userId;
+    constructor(databaseName, userId) {
+        super(databaseName);
+        this.userId = userId;
+        this.version(6).stores({
+            account: 'id',
+            inboundGroupSessions: '[streamId+sessionId]',
+            outboundGroupSessions: 'streamId',
+            hybridGroupSessions: '[streamId+sessionId],streamId',
+            devices: '[userId+deviceKey],expirationTimestamp',
+        });
+    }
+    async initialize() {
+        await this.devices.where('expirationTimestamp').below(Date.now()).delete();
+    }
+    deleteAllData() {
+        throw new Error('Method not implemented.');
+    }
+    async deleteInboundGroupSessions(streamId, sessionId) {
+        await this.inboundGroupSessions.where({ streamId, sessionId }).delete();
+    }
+    async deleteAccount(userId) {
+        await this.account.where({ id: userId }).delete();
+    }
+    async getAccount() {
+        const account = await this.account.get({ id: this.userId });
+        if (!account) {
+            throw new Error('account not found');
+        }
+        return account.accountPickle;
+    }
+    async storeAccount(accountPickle) {
+        await this.account.put({ id: this.userId, accountPickle });
+    }
+    async storeEndToEndOutboundGroupSession(sessionId, sessionData, streamId) {
+        await this.outboundGroupSessions.put({ sessionId, session: sessionData, streamId });
+    }
+    async getEndToEndOutboundGroupSession(streamId) {
+        const session = await this.outboundGroupSessions.get({ streamId });
+        if (!session) {
+            throw new Error('session not found');
+        }
+        return session.session;
+    }
+    async getAllEndToEndOutboundGroupSessions() {
+        return await this.outboundGroupSessions.toArray();
+    }
+    async getEndToEndInboundGroupSession(streamId, sessionId) {
+        return await this.inboundGroupSessions.get({ sessionId, streamId });
+    }
+    async getHybridGroupSession(streamId, sessionId) {
+        return await this.hybridGroupSessions.get({ streamId, sessionId });
+    }
+    async getHybridGroupSessionsForStream(streamId) {
+        const sessions = await this.hybridGroupSessions.where({ streamId }).toArray();
+        return sessions;
+    }
+    async getAllEndToEndInboundGroupSessions() {
+        return await this.inboundGroupSessions.toArray();
+    }
+    async getAllHybridGroupSessions() {
+        return await this.hybridGroupSessions.toArray();
+    }
+    async storeEndToEndInboundGroupSession(streamId, sessionId, sessionData) {
+        await this.inboundGroupSessions.put({ streamId, sessionId, ...sessionData });
+    }
+    async storeHybridGroupSession(sessionData) {
+        await this.hybridGroupSessions.put({ ...sessionData });
+    }
+    async getInboundGroupSessionIds(streamId) {
+        const sessions = await this.inboundGroupSessions.where({ streamId }).toArray();
+        return sessions.map((s) => s.sessionId);
+    }
+    async getHybridGroupSessionIds(streamId) {
+        const sessions = await this.hybridGroupSessions.where({ streamId }).toArray();
+        return sessions.map((s) => s.sessionId);
+    }
+    async withAccountTx(fn) {
+        return await this.transaction('rw', this.account, fn);
+    }
+    async withGroupSessions(fn) {
+        return await this.transaction('rw', this.outboundGroupSessions, this.inboundGroupSessions, this.hybridGroupSessions, // aellis this should be in its own transaction but tests were failing otherwise
+        fn);
+    }
+    /**
+     * Only used for testing
+     * @returns total number of devices in the store
+     */
+    async deviceRecordCount() {
+        return await this.devices.count();
+    }
+    /**
+     * Store a list of devices for a given userId
+     * @param userId string
+     * @param devices UserDeviceInfo[]
+     * @param expirationMs Expiration time in milliseconds
+     */
+    async saveUserDevices(userId, devices, expirationMs = DEFAULT_USER_DEVICE_EXPIRATION_TIME_MS) {
+        const expirationTimestamp = Date.now() + expirationMs;
+        for (const device of devices) {
+            await this.devices.put({ userId, expirationTimestamp, ...device });
+        }
+    }
+    /**
+     * Get all stored devices for a given userId
+     * @param userId string
+     * @returns UserDevice[], a list of devices
+     */
+    async getUserDevices(userId) {
+        const expirationTimestamp = Date.now();
+        return (await this.devices
+            .where('userId')
+            .equals(userId)
+            .and((record) => record.expirationTimestamp > expirationTimestamp)
+            .toArray()).map((record) => ({
+            deviceKey: record.deviceKey,
+            fallbackKey: record.fallbackKey,
+        }));
+    }
+}
+//# sourceMappingURL=cryptoStore.js.map

package/dist/cryptoStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cryptoStore.js","sourceRoot":"","sources":["../src/cryptoStore.ts"],"names":[],"mappings":"AAOA,OAAO,KAAgB,MAAM,OAAO,CAAA;AAKpC,oDAAoD;AACpD,4EAA4E;AAC5E,MAAM,sCAAsC,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAA;AAE7D,MAAM,OAAO,WAAY,SAAQ,KAAK;IAClC,OAAO,CAAuB;IAC9B,qBAAqB,CAA4B;IACjD,oBAAoB,CAAyC;IAC7D,mBAAmB,CAAkC;IACrD,OAAO,CAA0B;IACjC,MAAM,CAAQ;IAEd,YAAY,YAAoB,EAAE,MAAc;QAC5C,KAAK,CAAC,YAAY,CAAC,CAAA;QACnB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACnB,OAAO,EAAE,IAAI;YACb,oBAAoB,EAAE,sBAAsB;YAC5C,qBAAqB,EAAE,UAAU;YACjC,mBAAmB,EAAE,+BAA+B;YACpD,OAAO,EAAE,wCAAwC;SACpD,CAAC,CAAA;IACN,CAAC;IAED,KAAK,CAAC,UAAU;QACZ,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAA;IAC9E,CAAC;IAED,aAAa;QACT,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAA;IAC9C,CAAC;IAED,KAAK,CAAC,0BAA0B,CAAC,QAAgB,EAAE,SAAiB;QAChE,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAA;IAC3E,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,MAAc;QAC9B,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAA;IACrD,CAAC;IAED,KAAK,CAAC,UAAU;QACZ,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;QAC3D,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;QACxC,CAAC;QACD,OAAO,OAAO,CAAC,aAAa,CAAA;IAChC,CAAC;IAED,KAAK,CAAC,YAAY,CAAC,aAAqB;QACpC,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,MAAM,EAAE,aAAa,EAAE,CAAC,CAAA;IAC9D,CAAC;IAED,KAAK,CAAC,iCAAiC,CACnC,SAAiB,EACjB,WAAmB,EACnB,QAAgB;QAEhB,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,CAAC,CAAA;IACvF,CAAC;IAED,KAAK,CAAC,+BAA+B,CAAC,QAAgB;QAClD,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAA;QAClE,IAAI,CAAC,OAAO,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC,CAAA;QACxC,CAAC;QACD,OAAO,OAAO,CAAC,OAAO,CAAA;IAC1B,CAAC;IAED,KAAK,CAAC,mCAAmC;QACrC,OAAO,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,CAAA;IACrD,CAAC;IAED,KAAK,CAAC,8BAA8B,CAChC,QAAgB,EAChB,SAAiB;QAEjB,OAAO,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,CAAA;IACvE,CAAC;IAED,KAAK,CAAC,qBAAqB,CACvB,QAAgB,EAChB,SAAiB;QAEjB,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAA;IACtE,CAAC;IAED,KAAK,CAAC,+BAA+B,CAAC,QAAgB;QAClD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAA;QAC7E,OAAO,QAAQ,CAAA;IACnB,CAAC;IAED,KAAK,CAAC,kCAAkC;QACpC,OAAO,MAAM,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,yBAAyB;QAC3B,OAAO,MAAM,IAAI,CAAC,mBAAmB,CAAC,OAAO,EAAE,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,gCAAgC,CAClC,QAAgB,EAChB,SAAiB,EACjB,WAAoC;QAEpC,MAAM,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,WAAW,EAAE,CAAC,CAAA;IAChF,CAAC;IAED,KAAK,CAAC,uBAAuB,CAAC,WAAqC;QAC/D,MAAM,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,EAAE,GAAG,WAAW,EAAE,CAAC,CAAA;IAC1D,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,QAAgB;QAC5C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAA;QAC9E,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,QAAgB;QAC3C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAA;QAC7E,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,aAAa,CAAI,EAAoB;QACvC,OAAO,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IACzD,CAAC;IAED,KAAK,CAAC,iBAAiB,CAAI,EAAoB;QAC3C,OAAO,MAAM,IAAI,CAAC,WAAW,CACzB,IAAI,EACJ,IAAI,CAAC,qBAAqB,EAC1B,IAAI,CAAC,oBAAoB,EACzB,IAAI,CAAC,mBAAmB,EAAE,gFAAgF;QAC1G,EAAE,CACL,CAAA;IACL,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,iBAAiB;QACnB,OAAO,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAA;IACrC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,eAAe,CACjB,MAAc,EACd,OAAqB,EACrB,eAAuB,sCAAsC;QAE7D,MAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,YAAY,CAAA;QACrD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC3B,MAAM,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,EAAE,CAAC,CAAA;QACtE,CAAC;IACL,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,cAAc,CAAC,MAAc;QAC/B,MAAM,mBAAmB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QACtC,OAAO,CACH,MAAM,IAAI,CAAC,OAAO;aACb,KAAK,CAAC,QAAQ,CAAC;aACf,MAAM,CAAC,MAAM,CAAC;aACd,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAC;aACjE,OAAO,EAAE,CACjB,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YACf,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,WAAW,EAAE,MAAM,CAAC,WAAW;SAClC,CAAC,CAAC,CAAA;IACP,CAAC;CACJ"}

package/dist/decryptionExtensions.d.ts

@@ -0,0 +1,200 @@
+import TypedEmitter from 'typed-emitter';
+import { Permission } from '@towns-protocol/web3';
+import { AddEventResponse_Error, EncryptedData, SessionKeys, UserInboxPayload_GroupEncryptionSessions } from '@towns-protocol/proto';
+import { DLogger } from '@towns-protocol/dlog';
+import { GroupEncryptionAlgorithmId, GroupEncryptionSession, UserDevice } from './olmLib';
+import { GroupEncryptionCrypto } from './groupEncryptionCrypto';
+export interface EntitlementsDelegate {
+    isEntitled(spaceId: string | undefined, channelId: string | undefined, user: string, permission: Permission): Promise<boolean>;
+}
+export declare enum DecryptionStatus {
+    initializing = "initializing",
+    updating = "updating",
+    working = "working",
+    idle = "idle",
+    done = "done"
+}
+export type DecryptionEvents = {
+    decryptionExtStatusChanged: (status: DecryptionStatus) => void;
+};
+export interface NewGroupSessionItem {
+    streamId: string;
+    sessions: UserInboxPayload_GroupEncryptionSessions;
+}
+export interface EncryptedContentItem {
+    streamId: string;
+    eventId: string;
+    kind: string;
+    encryptedData: EncryptedData;
+}
+export interface KeySolicitationContent {
+    deviceKey: string;
+    fallbackKey: string;
+    isNewDevice: boolean;
+    sessionIds: string[];
+}
+export interface EventSignatureBundle {
+    hash: Uint8Array;
+    signature: Uint8Array | undefined;
+    event: {
+        creatorAddress: Uint8Array;
+        delegateSig: Uint8Array;
+        delegateExpiryEpochMs: bigint;
+    };
+}
+export interface KeySolicitationItem {
+    streamId: string;
+    fromUserId: string;
+    fromUserAddress: Uint8Array;
+    solicitation: KeySolicitationContent;
+    respondAfter: number;
+    sigBundle: EventSignatureBundle;
+    hashStr: string;
+}
+export interface KeySolicitationData {
+    streamId: string;
+    isNewDevice: boolean;
+    missingSessionIds: string[];
+}
+export interface KeyFulfilmentData {
+    streamId: string;
+    userAddress: Uint8Array;
+    deviceKey: string;
+    sessionIds: string[];
+}
+export interface GroupSessionsData {
+    streamId: string;
+    item: KeySolicitationItem;
+    sessions: GroupEncryptionSession[];
+    algorithm: GroupEncryptionAlgorithmId;
+}
+export interface DecryptionSessionError {
+    missingSession: boolean;
+    kind: string;
+    encryptedData: EncryptedData;
+    error?: unknown;
+}
+/**
+ *
+ * Responsibilities:
+ * 1. Download new to-device messages that happened while we were offline
+ * 2. Decrypt new to-device messages
+ * 3. Decrypt encrypted content
+ * 4. Retry decryption failures, request keys for failed decryption
+ * 5. Respond to key solicitations
+ *
+ *
+ * Notes:
+ * If in the future we started snapshotting the eventNum of the last message sent by every user,
+ * we could use that to determine the order we send out keys, and the order that we reply to key solicitations.
+ *
+ * It should be easy to introduce a priority stream, where we decrypt messages from that stream first, before
+ * anything else, so the messages show up quicky in the ui that the user is looking at.
+ *
+ * We need code to purge bad sessions (if someones sends us the wrong key, or a key that doesn't decrypt the message)
+ */
+export declare abstract class BaseDecryptionExtensions {
+    private _status;
+    private mainQueues;
+    private streamQueues;
+    private upToDateStreams;
+    private highPriorityIds;
+    private recentStreamIds;
+    private decryptionFailures;
+    private inProgressTick?;
+    private timeoutId?;
+    private delayMs;
+    private started;
+    private numRecentStreamIds;
+    private emitter;
+    protected _onStopFn?: () => void;
+    protected log: {
+        debug: DLogger;
+        info: DLogger;
+        error: DLogger;
+    };
+    readonly crypto: GroupEncryptionCrypto;
+    readonly entitlementDelegate: EntitlementsDelegate;
+    readonly userDevice: UserDevice;
+    readonly userId: string;
+    constructor(emitter: TypedEmitter<DecryptionEvents>, crypto: GroupEncryptionCrypto, entitlementDelegate: EntitlementsDelegate, userDevice: UserDevice, userId: string, upToDateStreams: Set<string>, inLogId: string);
+    abstract ackNewGroupSession(session: UserInboxPayload_GroupEncryptionSessions): Promise<void>;
+    abstract decryptGroupEvent(streamId: string, eventId: string, kind: string, encryptedData: EncryptedData): Promise<void>;
+    abstract downloadNewMessages(): Promise<void>;
+    abstract getKeySolicitations(streamId: string): KeySolicitationContent[];
+    abstract hasStream(streamId: string): boolean;
+    abstract isUserEntitledToKeyExchange(streamId: string, userId: string, opts?: {
+        skipOnChainValidation: boolean;
+    }): Promise<boolean>;
+    abstract isValidEvent(item: KeySolicitationItem): {
+        isValid: boolean;
+        reason?: string;
+    };
+    abstract isUserInboxStreamUpToDate(upToDateStreams: Set<string>): boolean;
+    abstract onDecryptionError(item: EncryptedContentItem, err: DecryptionSessionError): void;
+    abstract sendKeySolicitation(args: KeySolicitationData): Promise<void>;
+    abstract sendKeyFulfillment(args: KeyFulfilmentData): Promise<{
+        error?: AddEventResponse_Error;
+    }>;
+    abstract encryptAndShareGroupSessions(args: GroupSessionsData): Promise<void>;
+    abstract shouldPauseTicking(): boolean;
+    /**
+     * uploadDeviceKeys
+     * upload device keys to the server
+     */
+    abstract uploadDeviceKeys(): Promise<void>;
+    abstract getPriorityForStream(streamId: string, highPriorityIds: Set<string>, recentStreamIds: Set<string>): number;
+    enqueueNewGroupSessions(sessions: UserInboxPayload_GroupEncryptionSessions, _senderId: string): void;
+    enqueueNewEncryptedContent(streamId: string, eventId: string, kind: string, // kind of encrypted data
+    encryptedData: EncryptedData): void;
+    enqueueInitKeySolicitations(streamId: string, eventHashStr: string, members: {
+        userId: string;
+        userAddress: Uint8Array;
+        solicitations: KeySolicitationContent[];
+    }[], sigBundle: EventSignatureBundle): void;
+    enqueueKeySolicitation(streamId: string, eventHashStr: string, fromUserId: string, fromUserAddress: Uint8Array, keySolicitation: KeySolicitationContent, sigBundle: EventSignatureBundle): void;
+    setStreamUpToDate(streamId: string): void;
+    resetUpToDateStreams(): void;
+    retryDecryptionFailures(streamId: string): void;
+    start(): void;
+    enqueueNewMessageDownload(): void;
+    onStart(): void;
+    stop(): Promise<void>;
+    onStop(): Promise<void>;
+    get status(): DecryptionStatus;
+    private setStatus;
+    private compareStreamIds;
+    private lastPrintedAt;
+    protected checkStartTicking(): void;
+    private stopTicking;
+    private getDelayMs;
+    private tick;
+    /**
+     * processNewGroupSession
+     * process new group sessions that were sent to our to device stream inbox
+     * re-enqueue any decryption failures with matching session id
+     */
+    private processNewGroupSession;
+    /**
+     * processEncryptedContentItem
+     * try to decrypt encrytped content
+     */
+    private processEncryptedContentItem;
+    /**
+     * processMissingKeys
+     * process missing keys and send key solicitations to streams
+     */
+    private processMissingKeys;
+    /**
+     * processKeySolicitation
+     * process incoming key solicitations and send keys and key fulfillments
+     */
+    private processKeySolicitation;
+    /**
+     * can be overridden to add a delay to the key solicitation response
+     */
+    getRespondDelayMSForKeySolicitation(_streamId: string, _userId: string): number;
+    setHighPriorityStreams(streamIds: string[]): void;
+}
+export declare function makeSessionKeys(sessions: GroupEncryptionSession[]): SessionKeys;
+//# sourceMappingURL=decryptionExtensions.d.ts.map

package/dist/decryptionExtensions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"decryptionExtensions.d.ts","sourceRoot":"","sources":["../src/decryptionExtensions.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,eAAe,CAAA;AACxC,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AACjD,OAAO,EACH,sBAAsB,EACtB,aAAa,EAEb,WAAW,EAEX,wCAAwC,EAC3C,MAAM,uBAAuB,CAAA;AAC9B,OAAO,EAIH,OAAO,EAGV,MAAM,sBAAsB,CAAA;AAC7B,OAAO,EACH,0BAA0B,EAC1B,sBAAsB,EAEtB,UAAU,EACb,MAAM,UAAU,CAAA;AAEjB,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAA;AAE/D,MAAM,WAAW,oBAAoB;IACjC,UAAU,CACN,OAAO,EAAE,MAAM,GAAG,SAAS,EAC3B,SAAS,EAAE,MAAM,GAAG,SAAS,EAC7B,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,UAAU,GACvB,OAAO,CAAC,OAAO,CAAC,CAAA;CACtB;AAED,oBAAY,gBAAgB;IACxB,YAAY,iBAAiB;IAC7B,QAAQ,aAAa;IACrB,OAAO,YAAY;IACnB,IAAI,SAAS;IACb,IAAI,SAAS;CAChB;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC3B,0BAA0B,EAAE,CAAC,MAAM,EAAE,gBAAgB,KAAK,IAAI,CAAA;CACjE,CAAA;AAED,MAAM,WAAW,mBAAmB;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,QAAQ,EAAE,wCAAwC,CAAA;CACrD;AAED,MAAM,WAAW,oBAAoB;IACjC,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,MAAM,CAAA;IACf,IAAI,EAAE,MAAM,CAAA;IACZ,aAAa,EAAE,aAAa,CAAA;CAC/B;AAED,MAAM,WAAW,sBAAsB;IACnC,SAAS,EAAE,MAAM,CAAA;IACjB,WAAW,EAAE,MAAM,CAAA;IACnB,WAAW,EAAE,OAAO,CAAA;IACpB,UAAU,EAAE,MAAM,EAAE,CAAA;CACvB;AAGD,MAAM,WAAW,oBAAoB;IACjC,IAAI,EAAE,UAAU,CAAA;IAChB,SAAS,EAAE,UAAU,GAAG,SAAS,CAAA;IACjC,KAAK,EAAE;QACH,cAAc,EAAE,UAAU,CAAA;QAC1B,WAAW,EAAE,UAAU,CAAA;QACvB,qBAAqB,EAAE,MAAM,CAAA;KAChC,CAAA;CACJ;AAED,MAAM,WAAW,mBAAmB;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;IAClB,eAAe,EAAE,UAAU,CAAA;IAC3B,YAAY,EAAE,sBAAsB,CAAA;IACpC,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,oBAAoB,CAAA;IAC/B,OAAO,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,mBAAmB;IAChC,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,OAAO,CAAA;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAA;CAC9B;AAED,MAAM,WAAW,iBAAiB;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,UAAU,CAAA;IACvB,SAAS,EAAE,MAAM,CAAA;IACjB,UAAU,EAAE,MAAM,EAAE,CAAA;CACvB;AAED,MAAM,WAAW,iBAAiB;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,IAAI,EAAE,mBAAmB,CAAA;IACzB,QAAQ,EAAE,sBAAsB,EAAE,CAAA;IAClC,SAAS,EAAE,0BAA0B,CAAA;CACxC;AAED,MAAM,WAAW,sBAAsB;IACnC,cAAc,EAAE,OAAO,CAAA;IACvB,IAAI,EAAE,MAAM,CAAA;IACZ,aAAa,EAAE,aAAa,CAAA;IAC5B,KAAK,CAAC,EAAE,OAAO,CAAA;CAClB;AAyDD;;;;;;;;;;;;;;;;;;GAkBG;AACH,8BAAsB,wBAAwB;IAC1C,OAAO,CAAC,OAAO,CAAkD;IACjE,OAAO,CAAC,UAAU,CAIjB;IACD,OAAO,CAAC,YAAY,CAAqB;IACzC,OAAO,CAAC,eAAe,CAAoB;IAC3C,OAAO,CAAC,eAAe,CAAyB;IAChD,OAAO,CAAC,eAAe,CAAe;IACtC,OAAO,CAAC,kBAAkB,CAA6D;IACvF,OAAO,CAAC,cAAc,CAAC,CAAe;IACtC,OAAO,CAAC,SAAS,CAAC,CAAgB;IAClC,OAAO,CAAC,OAAO,CAAY;IAC3B,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,kBAAkB,CAAY;IACtC,OAAO,CAAC,OAAO,CAAgC;IAE/C,SAAS,CAAC,SAAS,CAAC,EAAE,MAAM,IAAI,CAAA;IAChC,SAAS,CAAC,GAAG,EAAE;QACX,KAAK,EAAE,OAAO,CAAA;QACd,IAAI,EAAE,OAAO,CAAA;QACb,KAAK,EAAE,OAAO,CAAA;KACjB,CAAA;IAED,SAAgB,MAAM,EAAE,qBAAqB,CAAA;IAC7C,SAAgB,mBAAmB,EAAE,oBAAoB,CAAA;IACzD,SAAgB,UAAU,EAAE,UAAU,CAAA;IACtC,SAAgB,MAAM,EAAE,MAAM,CAAA;gBAG1B,OAAO,EAAE,YAAY,CAAC,gBAAgB,CAAC,EACvC,MAAM,EAAE,qBAAqB,EAC7B,mBAAmB,EAAE,oBAAoB,EACzC,UAAU,EAAE,UAAU,EACtB,MAAM,EAAE,MAAM,EACd,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,EAC5B,OAAO,EAAE,MAAM;aAqBH,kBAAkB,CAC9B,OAAO,EAAE,wCAAwC,GAClD,OAAO,CAAC,IAAI,CAAC;aACA,iBAAiB,CAC7B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EACZ,aAAa,EAAE,aAAa,GAC7B,OAAO,CAAC,IAAI,CAAC;aACA,mBAAmB,IAAI,OAAO,CAAC,IAAI,CAAC;aACpC,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,EAAE;aAC/D,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;aACpC,2BAA2B,CACvC,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EACd,IAAI,CAAC,EAAE;QAAE,qBAAqB,EAAE,OAAO,CAAA;KAAE,GAC1C,OAAO,CAAC,OAAO,CAAC;aACH,YAAY,CAAC,IAAI,EAAE,mBAAmB,GAAG;QAAE,OAAO,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE;aAC9E,yBAAyB,CAAC,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,GAAG,OAAO;aAChE,iBAAiB,CAAC,IAAI,EAAE,oBAAoB,EAAE,GAAG,EAAE,sBAAsB,GAAG,IAAI;aAChF,mBAAmB,CAAC,IAAI,EAAE,mBAAmB,GAAG,OAAO,CAAC,IAAI,CAAC;aAC7D,kBAAkB,CAC9B,IAAI,EAAE,iBAAiB,GACxB,OAAO,CAAC;QAAE,KAAK,CAAC,EAAE,sBAAsB,CAAA;KAAE,CAAC;aAC9B,4BAA4B,CAAC,IAAI,EAAE,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC;aACpE,kBAAkB,IAAI,OAAO;IAC7C;;;OAGG;aACa,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC;aACjC,oBAAoB,CAChC,QAAQ,EAAE,MAAM,EAChB,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,EAC5B,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,GAC7B,MAAM;IAEF,uBAAuB,CAC1B,QAAQ,EAAE,wCAAwC,EAClD,SAAS,EAAE,MAAM,GAClB,IAAI;IAOA,0BAA0B,CAC7B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EAAE,yBAAyB;IACvC,aAAa,EAAE,aAAa,GAC7B,IAAI;IAiBA,2BAA2B,CAC9B,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE;QACL,MAAM,EAAE,MAAM,CAAA;QACd,WAAW,EAAE,UAAU,CAAA;QACvB,aAAa,EAAE,sBAAsB,EAAE,CAAA;KAC1C,EAAE,EACH,SAAS,EAAE,oBAAoB,GAChC,IAAI;IAmCA,sBAAsB,CACzB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,UAAU,EAAE,MAAM,EAClB,eAAe,EAAE,UAAU,EAC3B,eAAe,EAAE,sBAAsB,EACvC,SAAS,EAAE,oBAAoB,GAChC,IAAI;IAqCA,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAMzC,oBAAoB,IAAI,IAAI;IAK5B,uBAAuB,CAAC,QAAQ,EAAE,MAAM,GAAG,IAAI;IAe/C,KAAK,IAAI,IAAI;IAgBb,yBAAyB;IAIzB,OAAO,IAAI,IAAI;IAIT,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC;IAQ3B,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IAK9B,IAAW,MAAM,IAAI,gBAAgB,CAEpC;IAED,OAAO,CAAC,SAAS;IAQjB,OAAO,CAAC,gBAAgB;IAQxB,OAAO,CAAC,aAAa,CAAI;IACzB,SAAS,CAAC,iBAAiB;YAsDb,WAAW;IAgBzB,OAAO,CAAC,UAAU;IASlB,OAAO,CAAC,IAAI;IA2DZ;;;;OAIG;YACW,sBAAsB;IA8EpC;;;OAGG;YACW,2BAA2B;IA0CzC;;;OAGG;YACW,kBAAkB;IAuDhC;;;OAGG;YACW,sBAAsB;IAgGpC;;OAEG;IACI,mCAAmC,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM;IAI/E,sBAAsB,CAAC,SAAS,EAAE,MAAM,EAAE;CAGpD;AAED,wBAAgB,eAAe,CAAC,QAAQ,EAAE,sBAAsB,EAAE,GAAG,WAAW,CAK/E"}